A new threat report from Aqua Security reveals organized attacks on cloud infrastructure and software supply chain on the rise.
While most of the attacks discovered by Team Nautilus, Aqua’s cybersecurity research team, were aimed at hijacking public cloud computing resources for mining crypto currencies, the methods used also open the door to more targets. high-value companies looking to exploit security holes in container software supply chains and runtime environments.
The team has observed 16,371 attacks since the start of 2020 that they have traced to multiple locations around the world.
- 70.7% of attacks were designed to deceive and conceal their malicious nature. This includes the use of malicious images designed to execute scripts to download other components from a remote external source.
- 95% of the images were designed to hijack resources for the sole purpose of mining crypto currencies,
- 5% were designed to launch a DDoS attack.
Between June 2019 and January 2020, the average number of daily attacks against Aqua’s honeypots increased by 50%, but from January to the end of June 2020, the number of attacks per day exploded, increasing by more than 250%. .
The attacks we have observed represent a significant increase in attacks targeting cloud native infrastructures. We expect a further increase in the sophistication, use of evasion techniques, and the diversity of attack vectors and objectives, as the widespread use of native cloud technologies makes them a more lucrative target for attackers. bad actors, ”says Idan Revivo, Nautilus team leader at Aqua.
Revivo added: “Security teams are advised to take appropriate measures, both in their pipeline and in runtime environments, to detect and intercept such attempts.”
Source : Aqua Security